bobdehnhardt writes: The Reg reports: Multiple Barracuda Networks products feature an undocumented backdoor, leaving widely deployed network and data center gear vulnerable to hijacking. Privileged user accounts were found in various Barracuda appliances, including its flagship Spam and Virus Firewall, Web Application Firewall, Web Filter, SSL VPN, and other gear. The accounts, which Barracuda claims are necessary for remote customer support, cannot be disabled, are hard-wired into the equipment's operating system, and can be assessed remotely via SSH or the local terminal.

This discussion was created for logged-in users only, but now has been archived.
No new comments can be posted.